Refactor HTML structure and update security configuration for role-based access

jon ander 2025-03-25 19:21:12 +01:00
parent d58b92cd37
commit 096efe5866
6 changed files with 54 additions and 45 deletions


@ -27,7 +27,8 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
.requestMatchers("/css/**", "/js/**", "/images/**").permitAll() // 🔹 Permitir acceso a CSS, JS e imágenes .requestMatchers("/css/**", "/js/**", "/images/**").permitAll() // 🔹 Permitir acceso a CSS, JS e imágenes
.requestMatchers("/admin/**").hasRole("ADMIN") .requestMatchers("/admin/**").hasRole("ADMIN")
.requestMatchers("/user/**").hasAnyRole("USER", "ADMIN") .requestMatchers("/user/**").hasAnyRole("USER", "ADMIN")
.requestMatchers("/", "/login", "/register").permitAll() .requestMatchers("/register").hasRole("ADMIN")
.requestMatchers("/", "/login").permitAll()
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.formLogin(login -> login .formLogin(login -> login
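Review bot: Restricting `/register` to `hasRole("ADMIN")` leaves no visible way to create the first administrator, because this commit also deletes the `spring.security.user.*` admin from the properties file. If accounts come from the database, a fresh install would need a seeded ADMIN row or a one-time setup step, neither of which appears in this diff. A comment above the new matcher would record the intent and the ordering constraint, for example `// Only ADMIN may create accounts; keep this above any broader permitAll() matcher (first match wins)`. The removed `admin123` password stays in repository history, so it should not be reused for whatever account replaces it. The body of securityFilterChain starts and ends outside the hunk.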


@ -17,10 +17,4 @@ spring.jpa.database-platform=org.hibernate.dialect.MySQL8Dialect
spring.jpa.hibernate.ddl-auto=update spring.jpa.hibernate.ddl-auto=update
# Para inicializar datos en la base de datos (opcional)
spring.sql.init.mode=always
spring.security.user.name=admin
spring.security.user.password=admin123
spring.security.user.roles=ADMIN


@ -17,7 +17,16 @@ p {
margin-bottom: 20px; margin-bottom: 20px;
} }
form { .register_form{
background-color: #fff;
padding: 20px;
border-radius: 8px;
box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
width: 100%;
max-width: 400px;
box-sizing: border-box;
}
.container1{
background-color: #fff; background-color: #fff;
padding: 20px; padding: 20px;
border-radius: 8px; border-radius: 8px;
@ -26,7 +35,6 @@ form {
max-width: 400px; max-width: 400px;
box-sizing: border-box; box-sizing: border-box;
} }
.input-group { .input-group {
margin-bottom: 15px; margin-bottom: 15px;
} }
@ -57,21 +65,6 @@ button {
button:hover { button:hover {
background-color: #0056b3; background-color: #0056b3;
} }
#button1 {
width: 100%;
padding: 10px;
background-color: #007bff;
color: #fff;
border: none;
border-radius: 4px;
cursor: pointer;
}
#button1:hover{
background-color: #0056b3;
}
#message { #message {
margin-top: 15px; margin-top: 15px;
text-align: center; text-align: center;
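Review bot: The new `.register_form` rule repeats what appears to be the same declaration set as `.container1` (part of `.container1` falls between hunks, so this is inferred), which means the two cards can drift apart the next time one of them is edited. A single grouped selector, `.register_form, .container1 {`, would keep them in step. Since the bare `form` selector is gone, any form not wrapped in one of these classes loses its card styling, and a name such as `.card` would describe the role better than `.container1`.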


@ -1,15 +1,27 @@
<!DOCTYPE html> <!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org"> <html xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.w3.org/1999/xhtml">
<head> <head>
<title>Home</title> <title>Home</title>
<link rel="stylesheet" th:href="@{/css/style.css}">
</head> </head>
<body> <body>
<h2 th:text="${message}"></h2> <h2 th:text="${message}"></h2>
<!-- Formulario de Logout (POST) --> <div class="container1">
<form th:action="@{/logout}" method="post"> <!-- Formulario de Logout (POST) -->
<button type="submit">Cerrar Sesión</button> <form th:action="@{/logout}" method="post">
<!-- Token CSRF (obligatorio) --> <button type="submit">Cerrar Sesión</button>
<input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/> <!-- Token CSRF (obligatorio) -->
</form> <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/>
</form>
<!-- Botón visible solo para Administradores -->
<div sec:authorize="hasRole('ADMIN')">
<br>
<br>
<a href="/Inventario/register">
<button>Registrar Nuevo Usuario</button>
</a>
</div>
</div>
</body> </body>
</html> </html>
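Review bot: The `sec:authorize="hasRole('ADMIN')"` block only hides the button if the Thymeleaf Spring Security extras dialect is on the classpath, which this diff does not show; without it the attribute is ignored and every logged-in user sees the link. The server-side `/register` rule would still refuse them, so this is a UI leak rather than an access bypass. The prefix is also bound to the XHTML namespace; the conventional declaration is `xmlns:sec="http://www.thymeleaf.org/extras/spring-security"`. The link hard-codes the context path in `href="/Inventario/register"`, while the rest of the template uses `@{...}`; `<a th:href="@{/register}">Registrar Nuevo Usuario</a>` stays correct if the application is deployed under a different path, and it also avoids nesting a `<button>` inside an `<a>`.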


@ -6,7 +6,7 @@
<link rel="stylesheet" th:href="@{/css/style.css}"> <link rel="stylesheet" th:href="@{/css/style.css}">
</head> </head>
<body> <body>
<div class="container_login"> <div class="container1">
<h2>Iniciar Sesión</h2> <h2>Iniciar Sesión</h2>
<form id="loginForm" th:action="@{/login}" method="post"> <form id="loginForm" th:action="@{/login}" method="post">


@ -2,21 +2,30 @@
<html xmlns:th="http://www.thymeleaf.org"> <html xmlns:th="http://www.thymeleaf.org">
<head> <head>
<title>Registro</title> <title>Registro</title>
<link rel="stylesheet" th:href="@{/css/style.css}">
</head> </head>
<body> <body>
<h2>Registro</h2> <h2>Registro</h2>
<form th:action="@{/register}" method="post"> <div class="register_form">
<input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/> <form th:action="@{/register}" method="post">
<label>Usuario:</label> <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/>
<input type="text" name="username" required> <label>Usuario:</label>
<label>Contraseña:</label> <input type="text" name="username" required>
<input type="password" name="password" required> <br>
<label>Rol:</label> <br>
<select name="role"> <label>Contraseña:</label>
<option value="USER">Usuario</option> <input type="password" name="password" required>
<option value="ADMIN">Administrador</option> <br>
</select> <br>
<button type="submit">Registrar</button> <label>Rol:</label>
</form> <select name="role">
<option value="USER">Usuario</option>
<option value="ADMIN">Administrador</option>
</select>
<br>
<br>
<button type="submit">Registrar</button>
</form>
</div>
</body> </body>
</html> </html>
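Review bot: The `role` select posts a client-chosen string, and the two `<option>` values are not a constraint, so the handler for `POST /register` (not part of this diff) should map the value onto a fixed allowlist of `USER` and `ADMIN` and reject anything else. On the markup itself, the password field would benefit from `autocomplete="new-password"` so browsers do not offer the administrator's own saved credential. The paired `<br>` elements could be replaced by the existing `.input-group` spacing in the stylesheet.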